recruiting
Patrice Dumas
pertusus at free.fr
Wed Dec 5 10:30:37 UTC 2007
On Mon, Nov 26, 2007 at 05:18:19PM +0100, Thorsten Leemhuis wrote:
>
> Sure it's dangerous and problematic -- but it's IMHO still way better
> then to not ship a package just for hypothetical situation where a major
> update might be the only way forward if a security issues comes up.
>
> Besides: if we want to update for non-security reasons we can provide
> compat packages as well, which should solve parts of the problem.
Ok, but then what to do when a security issue is discovered in the
package that is also relevant for the compat package but we don't want
to backport it? Simply remove the compat package from the repo?
--
Pat
More information about the epel-devel-list
mailing list